Open Office 2.4 Closes Vulnerabilities

The Open Office project has just announced that the latest 2.4 version of the free office suite removes a number of security issues.

The developers did not disclose the nature of the issues to give the teams behind products based on Open Office sufficient time to integrate bugfixes.

Four vulnerabilities are described in the version 2.4 security bulletin. What they all have in common is that they can be triggered by manipulated files and lead to heap overflows. Two of them can be exploited to trigger a buffer overflow and execute code. The developers are not aware of an exploit that attacks the vulnerabilities, they add.

An update to Version 2.4 is thus not only recommended on account of the new features, but for security reasons.